[Git][security-tracker-team/security-tracker][master] Add jupyterlab for node-systeminformation CVE

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d4c9721c by Bastien Roucariès at 2026-06-03T17:06:04+02:00
Add jupyterlab for node-systeminformation CVE

node-systeminformation was splitted

- - - - -


2 changed files:

- data/CVE/list
- data/embedded-code-copies


Changes:

=====================================
data/CVE/list
=====================================
@@ -4269,6 +4269,8 @@ CVE-2026-44886 (Pi.Alert is a WIFI / LAN intruder detector with web service moni
 	NOT-FOR-US: Pi.Alert
 CVE-2026-44724 (systeminformation is a System and OS information library for node.js.  ...)
 	- node-systeminformation <not-affected> (Fixed before initial upload to Debian)
+	- jupyterlab 4.0.11+ds5+~cs11.25.27-1
+	NOTE: node-systeminformation splited from jupyterlab
 CVE-2026-44720 (OpenLearnX is an open-source, decentralized learning and assessment pl ...)
 	NOT-FOR-US: OpenLearnX
 CVE-2026-44713 (pam_usb provides hardware authentication for Linux using ordinary remo ...)
@@ -59304,8 +59306,12 @@ CVE-2026-26336 (Hyland Alfresco allows unauthenticated attackers to read arbitra
 	NOT-FOR-US: Hyland
 CVE-2026-26318 (systeminformation is a System and OS information library for node.js.  ...)
 	- node-systeminformation <not-affected> (Fixed before initial upload to Debian)
+	- jupyterlab 4.0.11+ds5+~cs11.25.27-1
+	NOTE: node-systeminformation splited from jupyterlab
 CVE-2026-26280 (systeminformation is a System and OS information library for node.js.  ...)
 	- node-systeminformation <not-affected> (Fixed before initial upload to Debian)
+	- jupyterlab 4.0.11+ds5+~cs11.25.27-1
+	NOTE: node-systeminformation splited from jupyterlab
 CVE-2026-26278 (fast-xml-parser allows users to validate XML, parse XML to JS object,  ...)
 	- node-webfont <undetermined>
 	NOTE: https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj
@@ -87293,6 +87299,8 @@ CVE-2025-68155 (@vitejs/plugin-rs provides React Server Components (RSC) support
 	NOT-FOR-US: React Server Components (RSC) support plugin for Vite
 CVE-2025-68154 (systeminformation is a System and OS information library for node.js.  ...)
 	- node-systeminformation <not-affected> (Fixed before initial upload to Debian)
+	- jupyterlab 4.0.11+ds5+~cs11.25.27-1
+	NOTE: node-systeminformation splited from jupyterlab
 CVE-2025-68150 (Parse Server is an open source backend that can be deployed to any inf ...)
 	NOT-FOR-US: Parse Server
 CVE-2025-68146 (filelock is a platform-independent file lock for Python. In versions p ...)
@@ -206990,6 +206998,8 @@ CVE-2024-56335 (vaultwarden is an unofficial Bitwarden compatible server written
 	- vaultwarden <itp> (bug #1067023)
 CVE-2024-56334 (systeminformation is a System and OS information library for node.js.  ...)
 	- node-systeminformation <not-affected> (Fixed before initial upload to Debian)
+	- jupyterlab 4.0.11+ds5+~cs11.25.27-1
+	NOTE: node-systeminformation splited from jupyterlab
 CVE-2024-55509 (SQL injection vulnerability in CodeAstro Complaint Management System v ...)
 	NOT-FOR-US: CodeAstro Complaint Management System
 CVE-2024-40875 (There is a cross-site scripting vulnerability in the management consol ...)


=====================================
data/embedded-code-copies
=====================================
@@ -3971,3 +3971,7 @@ fast-uri (not packaged in Debian)
 
 erlang-cowlib
 	- rabbitmq-server <unfixed> (embed)
+
+node-systeminformation
+	- jupyterlab 4.0.11+ds5+~cs11.25.27-1
+	NOTE: node-systeminformation splited from jupyterlab



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4c9721cb7fd4616ba62f3ca59f54e6e084fd7fc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4c9721cb7fd4616ba62f3ca59f54e6e084fd7fc
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260603/2d05d37f/attachment-0001.htm>